Banking and Finance


  • A new Mirai-style botnet is targeting the financial sector

    April 5, 2018

    A botnet made up of hijacked internet-connected televisions and web cameras has a new target, security researchers have found. Three financial sector institutions have become the latest victims of distributed denial-of-service (DDoS) attacks in recent months. New research by Recorded Future’s Insikt Group published Thursday points to what’s likely to be the IoTroop botnet, used to pummel financial ...

  • Mastermind behind EUR 1 billion cyber bank robbery arrested in Spain

    March 26, 2018

    The leader of the crime gang behind the Carbanak and Cobalt malware attacks targeting over a 100 financial institutions worldwide has been arrested in Alicante, Spain, after a complex investigation conducted by the Spanish National Police, with the support of Europol, the US FBI, the Romanian, Belarussian and Taiwanese authorities and private cyber security companies. Since ...

  • Old banking Trojan TrickBot has been taught new tricks

    March 22, 2018

    The TrickBot Trojan has been upgraded with new modules to make detection, and defense, more difficult. First discovered in 2016, TrickBot is a financial Trojan which targets the customers of major banks. The Trojan is most commonly connected to phishing campaigns which trick users into entering their credentials into phishing and fraudulent banking websites, designed to appear as legitimate ...

  • Expedia’s Orbitz Says 880,000 Payment Cards Compromised in Security Breach

    March 20, 2018

    Chicago-based online travel booking company Orbitz, a subsidiary of Expedia, reveals that one of its old websites has been hacked, exposing nearly 880,000 payment card numbers of the people who made purchases online. The data breach incident, which was detected earlier this month, likely took place somewhere between October 2016 and December 2017, potentially exposing customers’ ...

  • DDoS mystery: Who’s behind this massive wave of attacks targeting Dutch banks?

    February 1, 2018

    There is as yet no indication of who is behind the massive distributed denial of service (DDoS) attacks on Netherlands banks and government websites that ran from last weekend to Tuesday. Initial reports suggesting a Russian connection appear baseless. The attacks began just a couple of days after media reports stated that Dutch intelligence tipped off their ...

  • Ploutus.D Malware Variant Used in U.S.-based ATM Jackpotting Attacks

    January 29, 2018

    The United States Secret Service issued a warning on Friday to financial institutions citing “credible information” about “planned” attacks against U.S. cash machines using malware that can quickly drain ATM machines dry of cash. The warning came a day after ATM maker Diebold Nixdorf also warned its customers of “potential”  ATM Jackpotting attacks moving from Mexico to the U.S. But journalist Brian ...

  • Dridex banking Trojan compromises FTP sites in new campaign

    January 19, 2018

    Researchers have discovered the Dridex banking Trojan has once again evolved and is now using compromised FTP websites in phishing campaigns. The Trojan was first spotted back in 2014 after targeting banks in the United Kingdom. Since then, Dridex has become infamous for striking financial institutions across Europe. The malware spreads through phishing campaigns, duping victims into downloading ...

  • Oman’s stock exchange was easily hackable for months

    January 18, 2018

    One of the largest stock exchanges in the Middle East has quietly fixed a security issue that could’ve let hackers gain unfettered access to the network. A core router for Oman’s stock exchange, the Muscat Securities Market, had both its username and password as “admin” for months, even after several attempts by a security researcher to ...

  • New KillDisk Variant Hits Financial Organizations in Latin America

    January 15, 2018

    We came across a new variant of the disk-wiping KillDisk targeting financial organizations in Latin America. Trend Micro detects it as TROJ_KILLDISK.IUB. Trend Micro™ Deep Discovery™ proactively blocks any intrusions or attacks associated with this threat. Initial analysis (which is still ongoing) reveals that it may be a component of another payload, or part of a bigger ...

  • After security disasters, banks using SWIFT messaging platform face new regulations in 2018

    January 3, 2018

    In 2018, all banks using the SWIFT messaging platform will be required to comply with a new cybersecurity framework that aims to establish a baseline for security. SWIFT stands for the Society for Worldwide Interbank Financial Telecommunication. Banks use the closed network to communicate among themselves, sending approximately 25 million messages per day. Read more… Source: TechRepublic

  • MoneyTaker Cybercriminal Group Steals $10 Million from Financial Institutions

    December 12, 2017

    Security researchers shed light on the Russian-speaking cybercriminal group MoneyTaker, which was reported to have perpetrated cyberattacks against financial organizations in the U.S. and Russia. The group reportedly stole as much as $10 million from at least 20 card payment and inter-bank transfer systems. What is MoneyTaker? MoneyTaker is a cybercriminal group named after the custom malware they use ...

  • Banking Apps Found Vulnerable to MITM Attacks

    December 7, 2017

    Leading US and UK-based banks have patched a flaw found in their Android and iOS mobile apps that allowed adversaries to conduct man-in-the-middle attacks to steal customer credentials and view and manipulate network traffic. According to researchers at the School of Computer Science at the University of Birmingham that found the flaw, the vulnerability impacted nine apps belonging ...

  • Ursnif Trojan Adopts New Code Injection Technique

    December 4, 2017

    Hackers are testing a new variation of the Ursnif Trojan aimed at Australian bank customers that utilizes novel code injection techniques. Since the summer of 2017, IBM X-Force researchers report that Ursnif (or Gozi) samples have been tested in wild by a new malware developer. The samples are a noteworthy upgrade from previous versions. “This finding is ...

  • Hackers Now Have Incredibly Sophisticated Ways to Breach Banks’ Defenses

    November 29, 2017

    Global banks need to do more to protect themselves from cyberattacks after a “significant evolution” in the threat level in the last 18 months, according to the SWIFTglobal payments network. Hackers are deploying increasingly sophisticated ways of breaching banks’ cyber defenses to launch finely orchestrated attacks, SWIFT said in a report co-written with defense contractor BAE Systems. ...

  • Banking Trojan Gains Ability to Steal Facebook, Twitter and Gmail Accounts

    November 14, 2017

    Security researchers have discovered a new, sophisticated form of malware based on the notorious Zeus banking Trojan that steals more than just bank account details. Dubbed Terdot, the banking Trojan has been around since mid-2016 and was initially designed to operate as a proxy to conduct man-in-the-middle (MitM) attacks, steal browsing information such as stored credit card information ...

  • DHS, FBI describe North Korea’s use of FALLCHILL malware

    November 14, 2017

    The North Korean government has likely been using the malware since 2016 to target the aerospace, telecommunications, and finance industries, the US government says. The federal government on Tuesday issued an alert detailing the North Korean government’s use of malware known as FALLCHILL, warning that North Korea has likely been using the malware since 2016 to target the ...

  • New IcedID Trojan Targets US Banks

    November 13, 2017

    Researchers are warning users about a wave of recent attacks targeting U.S. financial institutions that leverage a new banking Trojan dubbed IcedID. The IcedID Trojan was spotted in September by researchers at IBM’s X-Force Research team. They said the Trojan has several standout techniques and procedures, such as the ability to spread over a network and ...

  • Fast-growing cyber crime threatens financial sector: Europol

    November 8, 2017

    The “remorseless” growth of cyber crime is leading to 4,000 ransom attacks a day and gangs’ technological capability now threatens critical parts of the financial sector, the head of Europol said on Wednesday. Online criminals have become so sophisticated that gangs have created “conglomerations” with company structures that specialize in different criminal activities to carry out ...

  • Ursnif Banking Trojan Spreading In Japan

    October 26, 2017

    Attackers behind the pervasive banking Trojan Ursnif have made Japan one of their top targets, delivering the malware via spam campaigns that began last month. For years, Ursnif (or Gozi) has targeted Japan along with North America, Europe and Australia. But according to a recent IBM X-Force analysis of the malware, hackers have stepped up Ursnif ...

  • Dangerous Malware Allows Anyone to Empty ATMs—And It’s On Sale!

    October 17, 2017

    Hacking ATM is now easier than ever before. Usually, hackers exploit hardware and software vulnerabilities to hack ATMs and force them to spit out cash, but now anyone can simply buy a malware to steal millions in cash from ATMs. Hackers are selling ready-made ATM malware on an underground hacking forum that anybody can simply buy for ...